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In the Claims: 

Please amend Claims 69-80, and 87-89, all as shown below. Applicant reserves the right 
to prosecute any originally presented claims in a continuing or future application. 

16. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 

an application guard for managing access to securable components as specified by the 
security policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests based on the additional customized code. 

29. (Original) A system for controlling user access in a distributed computing environment, 
comprising: 

a global policy specifying access privileges of the user to securable components; 

a policy manager located on a server for managing and distributing to a client a local client 
policy based on the global policy, and 

an application guard located on the client for managing access to the securable components 
as specified by the local client policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests based on the additional customized code. 

57. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 

an application guard for managing access to securable components including at least one 
application as specified by the security policy. 
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58. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 

an application guard for managing access to securable components including a function 
within an application as specified by the security policy. 

59. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 

an application guard for managing access to securable components including a procedure 
within an application as specified by the security policy. 

60. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 

an application guard for managing access to securable components including a data 
structure within an application as specified by the security policy. 

61. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 

an application guard for managing access to securable components including a database 
object within referenced by an application as specified by the security policy. 

62. (Original) A system for maintaining security in a distributed computing environment, 
comprising: 

a policy manager for managing a security policy; and 
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an application guard for managing access to securable components including a file system 
object referenced by an application as specified by the security policy. 

63. (Original) A method for maintaining security in a distributed computing environment, 
comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including at least one 
application as specified by the security policy. 

64. (Original) A method for maintaining security in a distributed computing environment, 
comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a function 
within an application as specified by the security policy. 

65. (Original) A method for maintaining security in a distributed computing environment, 
comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a procedure 
within an application as specified by the security policy. 

66. (Original) A method for maintaining security in a distributed computing environment, 
comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a data 
structure within an application as specified by the security policy. 
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67. (Original) A method for maintaining security in a distributed computing environment, 
comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a database 
object referenced by an application as specified by the security policy. 

68. (Original) A method for maintaining security in a distributed computing environment, 
comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a file system 
object referenced by an application as specified by the security policy. 

69 . (Currently Amended) A method for maintaining software application security in a distributed 
computing environment, comprising: 

managing a security policy via a policy manager; and 

managing, via an application guard, access to securable software application components 
as specified by the security policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. 

70. (Currently Amended) A method for controlling user access to software application 
components via a system in a distributed computing environment, comprising: 

specifying via a global policy privileges of the user to access securable software application 
components; 

managing and distributing, via a policy manager, to a client, a local client policy based on the 
global policy, and 
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managing, via an application guard located on the client, access to the securable software 
application components as specified by the local client policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. 

7 1 . (Currently Amended ) A method for authorization that provides for a user access to securable 
software application components of a system, comprising: 

specifying via a policy A privileges of the user to access the securable software application 
components; 

managing via an application guard access to the securable software application 
components; and 

executing the application guard via a processor coupled to the system; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. 

72. (Currently Amended) A method for prov i ding a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[for]] to manage manag i ng a security policy; and 
providing an application guard [[fori] to manage managing access to securable components 
including at least one application as specified by the security policy. 

73. (Currently Amended) A method for prov i d i ng a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[for]] to manage manag i ng a security policy; and 
providing an application guard [[for]] to manage manag i ng access to securable components 
including a function within an application as specified by the security policy. 
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74. (Currently Amended) A method for prov i d i ng a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[for]] to manage manag i ng a security policy; and 
providing an application guard [[for]] to manage manag i ng access to securable components 
including a procedure within an application as specified by the security policy. 

75. (Currently Amended) A method for prov i d i ng a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[for]] to manage manag i ng a security policy; and 
providing an application guard [[for]] to manage manag i ng access to securable components 
including a data structure within an application as specified by the security policy. 

76. (Currently Amended) A method for provid i ng a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[fori] to manage manag i ng a security policy; and 
providing an application guard [[for]] to manage manag i ng access to securable components 
including a database object referenced by an application as specified by the security policy. 

77. (Currently Amended) A method for prov i d i ng a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[for]] to manage manag i ng a security policy; and 
providing an application guard [[for]] to manage manag i ng access to securable components 
including a file system object referenced by an application as specified by the security policy. 

78. (Currently Amended) A method for prov i d i ng a syst e m for maintaining security in a 
distributed computing environment, comprising the steps of : 

providing a policy manager [[for]] to manage manag i ng a security policy; and 
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providing an application guard [[for]] to manage manag i ng access to securable software 
application components as specified by the security policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests based on the additional customized code. 

79. (Currently Amended) A method for prov i d i ng a syst e m for controlling user access in a 
distributed computing environment, comprising the steps of : 

providing a global policy specifying privileges of the user to access securable components; 

providing a policy manager located on a server [[for]] to manage manag i ng and d i str i but i ng 
distribute to a client a local client policy based on the global policy, and 

providing an application guard located on the client [[for]] to manage managing access to the 
securable software application components as specified by the local client policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests based on the additional customized code. 

80. (Currently Amended) A method for prov i d i ng a syst e m for authorizing author i zation that 
prov i d e s access to securable components for a user, comprising the steps of : 

providing a policy specifying access privileges of the user to the securable software 
application components; 

providing an application guard; and 

providing a processor coupled to said system, said processor executing said application 
guard to manage access to the securable software application components; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests based on the additional customized code. 

81 . (Original) A computer readable storage medium having stored thereon a method for 
maintaining security in a distributed computing environment comprising the steps of: 

managing a security policy via a policy manager; and 
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managing access via an application guard to securable components including at least one 
application as specified by the security policy. 

82. (Original) A computer readable storage medium having stored thereon a method for 
maintaining security in a distributed computing environment comprising the steps of: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a function 
within an application as specified by the security policy. 

83. (Original) A computer readable storage medium having stored thereon a method for 
maintaining security in a distributed computing environment comprising the steps of: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a procedure 
within an application as specified by the security policy. 

84. (Original) A computer readable storage medium having stored thereon a method for 
maintaining security in a distributed computing environment comprising the steps of: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a data 
structure within an application as specified by the security policy. 

85. (Original) A computer readable storage medium having stored thereon a method for 
maintaining security in a distributed computing environment comprising the steps of: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a database 
object referenced by an application as specified by the security policy. 
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86. (Original) A computer readable storage medium having stored thereon a method for 
maintaining security in a distributed computing environment, comprising: 

managing a security policy via a policy manager; and 

managing access via an application guard to securable components including a file system 
object referenced by an application as specified by the security policy. 

87. (Currently Amended) A computer readable storage medium having stored thereon a method 
for maintaining security in a distributed computing environment comprising the steps of: 

managing a security policy via a policy manager; and 

managing via an application guard access to securable software application components 
as specified by the security policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. 

88. (Currently Amended) A computer readable storage medium having stored thereon a method 
for controlling user access via a system in a distributed computing environment, comprising the 
steps of: 

specifying access privileges of the user via a global policy to securable software application 
components; 

managing and distributing via a policy manager a local client policy based on the global policy 
located on a server to a client, and 

managing access via an application guard located on the client to the securable software 
application components as specified by the local client policy; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. 
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89. (Currently Amended) Acomputer readable storage medium having stored thereon a method 
for authorization that provides access to securable software application components of a system 
for a user, comprising: 

specifying access privileges of the user via a policy to securable software application 
components 

managing access via an application guard to the securable software application 
components; and 

executing via a processor coupled to said system said application guard; 

wherein the application guard further allows for additional customized code to process and 
evaluate authorization requests in order to access securable software application components 
based on the additional customized code. 
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